YugaTech | Philippines, Technology News & Reviews

Philippines, Technology News & Reviews


More phishing activities targetting local banks

Published by: yuga under: The Internet.

posted: February 8th, 2007

While BPI has recently released an email notice to all their online banking clients about the recent phishing activities targetting their BPIExpessOnline system (via Ka Edong), yet another one has just surfaced for Equitable PCI Fastnet users.

Consumer education is the key but I believe there could be some minors changes local banks can do to prevent it.

  • Do regular weekly/monthly newsletters. These familiarizes online banking users to the email notices and would help them expect (or not to expect) such notices in the future.
  • Create a dedicated section in the official bank website enumerating all important email notices sent out to customers. This will allow users to compare what they got from the mail with the one posted on the official website.
  • Make a better-looking newsletter layout or alert email format. Aside from branding, it helps the users to be familiar with the look of the authentic notices.
  • SMS notices. If an email alert is important, SMS alerts may also be used to verify that an email has been dispatched for full details of the urgent notice.

These are minor changes that can be done easily but will greatly help in the effort to fight phishing scams. Care to share some of your thoughts how phishing scams can be avoided or spotted easily?

permalink

Enter your email address:

Related Entries:


    4 Responses to “More phishing activities targetting local banks”

    Feed for this Entry / Trackback Address

    1. Gravatar Icon deuts replied on Feb 8th, 2007 at 2:37 pm (1)

      I liked the last one, SMS notice of the email. At least it’s not another spam text.

    2. Gravatar Icon Sidney replied on Feb 8th, 2007 at 7:13 pm (2)

      A little bit off subject.
      To access my account online with my computer I got here a PIN code which is always the same (which is dangerous) in case someone is spying on me.
      Most Belgian banks give you a little calculator were you put your PIN number. That calculator generates a new code each time you want to log in your account.
      Much safer.

    3. Gravatar Icon Nils replied on Feb 15th, 2007 at 8:29 am (3)

      In the states many of the banks are now issuing “tokens” that generate a unique PIN that is required to complete online transfers. SMS may be a cost effective and efficient way to implement a similar system however if an hacker gets into an account and has the ability to modify the mobile number of record that would defeat the purpose. Tokens may be the best option for now.

    4. Gravatar Icon tutubi replied on Feb 23rd, 2007 at 1:15 pm (4)

      local banks are on the planning stage of strong two factor authentication to address this issue aside from customer education which is really hard to do

    Leave a Reply

    « PinoyTopBlogs is back
    LF: Home-based Medical Transcription Work »
    Technology & Computers - Top Blogs Philippines hit counter
    Local Plumbers - Click Here